Lucene search
K

28076 matches found

ATTACKERKB
ATTACKERKB
added 2026/01/13 5:56 p.m.3 views

CVE-2026-20821

Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows an unauthorized attacker to disclose information locally...

6.2CVSS5.4AI score0.00692EPSS
Exploits0References2Affected Software24
Microsoft CVE
Microsoft CVE
added 2026/01/13 4:0 p.m.3 views

Windows Kernel Information Disclosure Vulnerability

Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally...

5.5CVSS6.5AI score0.00633EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/01/13 4:0 p.m.3 views

Windows Kernel Information Disclosure Vulnerability

Insertion of sensitive information into log file in Windows Kernel allows an unauthorized attacker to disclose information locally...

6.2CVSS6.5AI score0.00692EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/01/13 4:0 p.m.6 views

Microsoft Windows File Explorer Spoofing Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to perform spoofing over a network...

6.5CVSS6.5AI score0.013EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/01/13 4:0 p.m.3 views

Windows File Explorer Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally...

5.5CVSS6.5AI score0.00654EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/01/13 4:0 p.m.3 views

Windows File Explorer Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally...

5.5CVSS6.5AI score0.00654EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/01/13 4:0 p.m.2 views

Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Tablet Windows User Interface TWINUI Subsystem allows an authorized attacker to disclose information locally...

5.5CVSS6.5AI score0.00633EPSS
Exploits0
Cvelist
Cvelist
added 2026/01/13 1:49 p.m.17 views

CVE-2025-14507 EventPrime - Events Calendar, Bookings and Tickets <= 4.2.7.0 - Unauthenticated Sensitive Information Exposure via REST API

The EventPrime - Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.7.0 via the REST API. This makes it possible for unauthenticated attackers to extract sensitive booking data including user names,...

5.3CVSS0.00378EPSS
Exploits0References5
CVE
CVE
added 2026/01/13 1:49 p.m.20 views

CVE-2025-14507

CVE-2025-14507 — EventPrime for WordPress suffers unauthenticated sensitive information exposure via the REST API in all versions up to and including 4.2.7.0. Unauthenticated attackers could exfiltrate booking data (user names, emails, ticket details, payment information, and order keys) when the...

5.3CVSS5.7AI score0.00378EPSS
Exploits0References5
NVD
NVD
added 2026/01/13 2:15 a.m.7 views

CVE-2026-0497

SAP Product Designer Web UI of Business Server Pages allows authenticated non-administrative users to access non-sensitive information. This results in a low impact on confidentiality, with no impact on integrity or availability of the application...

4.3CVSS0.00195EPSS
Exploits0References2
CVE
CVE
added 2026/01/13 1:13 a.m.12 views

CVE-2026-0497

CVE-2026-0497 affects SAP Product Designer Web UI of Business Server Pages. The issue arises from a missing authorization check, allowing authenticated non-administrative users to access non-sensitive information. Reported impact is limited to confidentiality (low); no impact on integrity or avai...

4.3CVSS6.1AI score0.00195EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.5 views

Microsoft Dynamics 安全漏洞

Microsoft Dynamics is a suite of ERP business solutions for multinational organizations from Microsoft USA. The product includes financial management, production management and business intelligence management. A security vulnerability exists in Microsoft Dynamics. An attacker exploiting this...

4.4CVSS5.8AI score0.00399EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.4 views

Microsoft Windows File Explorer 信息泄露漏洞

Microsoft Windows File Explorer is a file manager application from Microsoft USA. An information disclosure vulnerability exists in Microsoft Windows File Explorer, which can be exploited by attackers to obtain sensitive information...

5.5CVSS5.8AI score0.00654EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.4 views

PT-2026-2467

Name of the Vulnerable Software and Affected Versions Fortinet FortiFone versions 7.0.0 through 7.0.1 Fortinet FortiFone versions 3.0.13 through 3.0.23 Description An exposure of sensitive information to an unauthorized actor allows an unauthenticated attacker to obtain the device configuration v...

10CVSS6.5AI score0.00791EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.5 views

PT-2026-2333

Name of the Vulnerable Software and Affected Versions SAP Product Designer Web UI of Business Server Pages affected versions not specified Description The SAP Product Designer Web UI of Business Server Pages allows authenticated, non-administrative users to access non-sensitive information. This...

4.3CVSS6.2AI score0.00195EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.3 views

PT-2026-2673

Name of the Vulnerable Software and Affected Versions Windows File Explorer affected versions not specified Description A flaw exists in Windows File Explorer that could allow an attacker to disclose sensitive information locally. An authorized attacker can leverage this to gain access to...

5.5CVSS6.2AI score0.00654EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.3 views

PT-2026-2739

CVE-2026-20937 Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. https://t.co/7wV1JGOJF9...

5.5CVSS6.5AI score0.00466EPSS
Exploits1References3
Snyk
Snyk
added 2026/01/12 11:0 p.m.6 views

Insertion of Sensitive Information into Log File

Overview hermes is a Workflow to publish research software with rich metadata Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the -O options argument handling process. An attacker can obtain sensitive information by accessing log files that...

5.9CVSS6.4AI score0.00154EPSS
Exploits0References2
NVD
NVD
added 2026/01/12 10:16 p.m.8 views

CVE-2026-22788

WebErpMesv2 is a Resource Management and Manufacturing execution system Web for industry. Prior to 1.19, the WebErpMesV2 application exposes multiple sensitive API endpoints without authentication middleware. An unauthenticated remote attacker can read business-critical data including companies,...

8.2CVSS0.00527EPSS
Exploits1References2
NVD
NVD
added 2026/01/12 10:16 p.m.10 views

CVE-2026-22798

hermes is an implementation of the HERMES workflow to automatize software publication with rich metadata. From 0.8.1 to before 0.9.1, hermes subcommands take arbitrary options under the -O argument. These have been logged in raw form. If users provide sensitive data such as API tokens e.g., via...

5.9CVSS0.00154EPSS
Exploits0References3
Rows per page
Query Builder